reports/GO-2020-0007.yaml - vulndb - Git at Google

 packages:
   - module: github.com/seccomp/libseccomp-golang
     symbols:
       - ScmpFilter.addRuleGeneric
     derived_symbols:
       - ScmpFilter.AddRule
       - ScmpFilter.AddRuleConditional
       - ScmpFilter.AddRuleConditionalExact
       - ScmpFilter.AddRuleExact
     versions:
       - fixed: 0.9.1-0.20170424173420-06e7a29f36a3
 description: |
     Filters containing rules with multiple syscall arguments are improperly
     constructed, such that all arguments are required to match rather than
     any of the arguments (AND is used rather than OR). These filters can be
     bypassed by only specifying a subset of the arguments due to this
     behavior.
 published: 2021-04-14T20:04:52Z
 cves:
   - CVE-2017-18367
 ghsas:
   - GHSA-58v3-j75h-xr49
 credit: '@ihac'
 links:
     commit: https://github.com/seccomp/libseccomp-golang/commit/06e7a29f36a34b8cf419aeb87b979ee508e58f9e
	packages:
	- module: github.com/seccomp/libseccomp-golang
	symbols:
	- ScmpFilter.addRuleGeneric
	derived_symbols:
	- ScmpFilter.AddRule
	- ScmpFilter.AddRuleConditional
	- ScmpFilter.AddRuleConditionalExact
	- ScmpFilter.AddRuleExact
	versions:
	- fixed: 0.9.1-0.20170424173420-06e7a29f36a3
	description: \|
	Filters containing rules with multiple syscall arguments are improperly
	constructed, such that all arguments are required to match rather than
	any of the arguments (AND is used rather than OR). These filters can be
	bypassed by only specifying a subset of the arguments due to this
	behavior.
	published: 2021-04-14T20:04:52Z
	cves:
	- CVE-2017-18367
	ghsas:
	- GHSA-58v3-j75h-xr49
	credit: '@ihac'
	links:
	commit: https://github.com/seccomp/libseccomp-golang/commit/06e7a29f36a34b8cf419aeb87b979ee508e58f9e